001 /**
002 * Copyright 2005-2014 The Kuali Foundation
003 *
004 * Licensed under the Educational Community License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 * http://www.opensource.org/licenses/ecl2.php
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 */
016 package org.kuali.rice.ksb.security.admin.web;
017
018 import java.io.ByteArrayOutputStream;
019 import java.io.IOException;
020 import java.security.KeyStore;
021 import java.security.KeyStoreException;
022 import java.security.NoSuchAlgorithmException;
023 import java.security.cert.CertificateException;
024 import java.util.Collection;
025
026 import javax.servlet.http.HttpServletRequest;
027 import javax.servlet.http.HttpServletResponse;
028
029 import org.apache.struts.action.ActionForm;
030 import org.apache.struts.action.ActionForward;
031 import org.apache.struts.action.ActionMapping;
032 import org.apache.struts.action.ActionMessages;
033 import org.kuali.rice.ksb.messaging.web.KSBAction;
034 import org.kuali.rice.ksb.security.admin.ExportServlet;
035 import org.kuali.rice.ksb.security.admin.KeyStoreEntryDataContainer;
036 import org.kuali.rice.ksb.service.KSBServiceLocator;
037
038
039 /**
040 * Struts action for admin users to manage keys and keystore files for client applications
041 *
042 * @author Kuali Rice Team (rice.collab@kuali.org)
043 *
044 */
045 public class JavaSecurityManagementAction extends KSBAction {
046
047 private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(JavaSecurityManagementAction.class);
048
049 /**
050 * @see org.kuali.rice.ksb.messaging.web.KSBAction#establishRequiredState(javax.servlet.http.HttpServletRequest, org.apache.struts.action.ActionForm)
051 */
052 @Override
053 public ActionMessages establishRequiredState(HttpServletRequest request, ActionForm form) throws Exception {
054 request.setAttribute("rice_constant", getServlet().getServletContext().getAttribute("RiceConstants"));
055 request.setAttribute("entryListPageSize", 30);
056 Collection<KeyStoreEntryDataContainer> keyStoreEntryList = KSBServiceLocator.getJavaSecurityManagementService().getListOfModuleKeyStoreEntries();
057 LOG.info("Found " + keyStoreEntryList.size() + " entries in module keystore");
058 request.setAttribute("keyStoreEntryList", keyStoreEntryList);
059 return null;
060 }
061
062 /**
063 * @see org.kuali.rice.ksb.messaging.web.KSBAction#start(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
064 */
065 @Override
066 public ActionForward start(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
067 return mapping.findForward("report");
068 }
069
070 /**
071 * Method to sort the list of keystore entries
072 */
073 public ActionForward sort(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
074 return mapping.findForward("report");
075 }
076
077 /**
078 * Clear the form
079 */
080 public ActionForward clear(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
081 form = new JavaSecurityManagementForm();
082 return mapping.findForward("restart");
083 }
084
085 /**
086 * Remove the entry associated with the given alias parameter
087 */
088 public ActionForward removeEntry(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
089 String aliasToRemove = request.getParameter("aliasToRemove");
090 LOG.info("Removing alias " + aliasToRemove + " from module keystore file");
091 KSBServiceLocator.getJavaSecurityManagementService().removeClientCertificate(aliasToRemove);
092 return mapping.findForward("restart");
093 }
094
095 public ActionForward generateClientKeyStore(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
096 JavaSecurityManagementForm managementForm = (JavaSecurityManagementForm)form;
097 ActionMessages errors = managementForm.validateGenerateClientKeystore(mapping, request);
098 if (errors == null || errors.isEmpty()) {
099 KeyStore clientKeyStore = KSBServiceLocator.getJavaSecurityManagementService().generateClientKeystore(managementForm.getAlias(), managementForm.getPassword());
100 byte[] data = {};
101 ByteArrayOutputStream baos = null;
102 try {
103 baos = new ByteArrayOutputStream();
104 clientKeyStore.store(baos, managementForm.getPassword().toCharArray());
105 data = baos.toByteArray();
106 } catch (KeyStoreException e) {
107 e.printStackTrace();
108 throw new RuntimeException(e);
109 } catch (NoSuchAlgorithmException e) {
110 e.printStackTrace();
111 throw new RuntimeException(e);
112 } catch (CertificateException e) {
113 e.printStackTrace();
114 throw new RuntimeException(e);
115 } finally {
116 try {
117 baos.close();
118 } catch (IOException e) {}
119 }
120
121 form = new JavaSecurityManagementForm();
122 request.getSession().setAttribute(ExportServlet.CLIENT_KEYSTORE_DATA, data);
123 return new ActionForward(ExportServlet.generateExportPath(managementForm.getAlias() + "_keystore", request), true);
124 } else {
125 // found at least one error
126 saveErrors(request, errors);
127 return mapping.findForward("report");
128 }
129 }
130 }